Key Highlights

  • Criminal defendants are particularly vulnerable to the far reaching consequences of public records: leading to the most common privacy violations in the US, namely erroneous reporting in background checks, unauthorized disclosure of records, and misuse of public records data.
  • Out of 5 million complaints to the CFPB, violations within consumer reports take the top spot.
  • These privacy violations can have a significant impact on criminal defendants, including lost job opportunities, housing, online dating prospects, psychological effects, and endless collateral consequences to their personal and professional lives.
  • Legal frameworks, such as federal laws and state-level protections, exist to safeguard the privacy of defendants, but there are many loose ends that need to be fixed.
  • Preventative measures include proactive data practices, such as consumer-driven legal tools, significantly help mitigate privacy violations for justice-involved individuals.


In today’s digital age, the most common privacy violations have unfortunately become common. Individuals and organizations alike have been exposed to various breaches of their sensitive information. While privacy violations can affect anyone, criminal defendants are particularly vulnerable to these violations due to the nature of their publicly exposed positions within the legal system. 

This article details the most prevalent (and harmful) privacy violations faced by criminal defendants, their impact on the individuals involved, the legal frameworks in place to protect their privacy, and the preventative measures and best practices that can help mitigate these violations.

The Most Common Privacy Violations Affecting Criminal Defendants

most common privacy violation background check

Criminal defendants are exposed to a wide range of privacy violations. But the most prevalent of these include erroneous reporting in background checks, unauthorized disclosure of legal information, and the misuse of the criminal data within the records. 

Additionally, criminal defendants may also experience violations related to their already accessible justice data which greatly expands their overall risk exposure. 

These violations have serious consequences for those involved with the justice system at any point; impacting their ability to find work, housing, mental well-being, and even their ability to engage in online dating out of their fear of being permanently stigmatized. 

1. Erroneous Reporting in Background Checks

Taking the top spot for the most common privacy violations are inaccurate consumer reports. When it comes to criminal defendants, this translates to a more specific term: erroneous reporting in background checks. 

The Consumer Financial Protection Bureau (CFPB) has maintained a database of 5,069,026 consumer complaints since 2011. Out of all complaints, credit reporting violations total 2,163,880 [last reported on 04/21/2024]. 

Source: CFPB Complaint Database
Source: Consumer Financial Protection Bureau (CFPB) Complaint Database [last visited 04/21/2024]

For those confused as to why criminal records have anything to do with credit or consumer reporting–you’re not alone. Because beyond the practice of generating personal profiles on individuals on matters that reflect on one’s financial responsibility or credit risk, criminal record reporting (aka: Background Checks) falls into the wide reach of what companies are allowed to do with consumer data.

Taking all issues and sub-issues together, this adds up to being the largest recorded consumer complaint category in the US.

And while disclosing criminal records by itself is not the most frequently reported violation within the category per se, criminal defendants fall prey in ways that are far beyond this type of violation because of the dynamic interplay in how arrests are published, how formal charges are filed, and ultimately how differently case resolutions are reflected on court access portals. The harvesting and reselling of criminal information is then magnified from the complex layers of the crime data supply chain markets.

Each one of these steps transmute the accuracy of the defendant’s record in ways that can be taken out of context and unfairly affect someone’s entire professional and personal life.

But Why Criminal Defendants?

The final product of a person’s criminal history is rarely a document generated by the state central repository (sometimes referred to as a RAP sheet).

Instead, it is a complex aggregation of data points collected, organized, and generated for employers, tenant screening, and a web of unauthorized data brokerages that sell personal information to almost anyone who wishes to know more about someone.  

So, with something as juicy as past arrests or criminal charges, it’s hard to resist satisfying the “I-want-to-know-more” public market. Long story short: when it’s time for job screenings, lease applications, and neighbors/new love interests/business contacts–those with a past in justice court more exposed than your average everyday citizen.

public criminal records

Why These Violations Must be Taken Seriously

These reports can have severe consequences for any defendant facing lost job opportunities, housing application rejections, and even being stigmatized socially. Put simply, these reports affect the overall quality of life for millions of people. After all, 1 in 3 Americans have some kind of criminal record–with low-level misdemeanors outnumbering felonies 5-to-1.

With the growing popularity of Clean Slate laws promising to “clear your record”, public record companies continue to monetize criminal data despite millions of cases that should not be reported due to dozens of criteria enumerated in state statues.

2. Unauthorized Criminal Record Disclosure

Closely related to the first category (but worthy of its own spot) is the unauthorized disclosure of criminal information.

Criminal records are considered “public records”, and contain highly sensitive information about an individual’s involvement in the court, including arrests, charges, and convictions. But they are not intended to be seen forever or by anyone who is curious.

In many states, once a case is dismissed or sealed, it should not be easily found by third parties and actually prohibited from distribution outside of authorized justice agencies.

Fair Credit Reporting Act (FCRA) & State Privacy Laws

This type of disclosure has serious consequences for criminal defendants, most often harming their reputation, employment prospects, and personal relationships. Federal law, such as the Fair Credit Reporting Act (1970) establishes protocol for criminal records in that they are accessed and disclosed only with proper authorization and in accordance with privacy rules and regulations.

Employment rights agencies often advise individuals to obtain copies of their own background check reports when generated after an interview so they may take notice of any outdated arrests or dismissed cases. And this serves a very important role within employment discrimination.

Public Records vs. Public Records

But many of these violations are caused by inexperienced or non-compliant screening agencies either unfit or under resourced in reporting best practices. Worse yet, countless records are sold behind their backs with no way to detect who bought the reports.

Consumer reporting agency privacy violation

Most shocking however, is the prevalence of publicly available person-search databases that include criminal reports generated outside the permissible use (i.e., just for curiosity’s sake).

Few are aware that providing a consumer’s criminal profile on someone is not as legal as some may think.1

3. Misuse of Public Records

Criminal defendants often face violations far beyond erroneous or unauthorized disclosures. Probably far more frequent (but incredibly difficult to monitor) is the misuse of public records by everyday individuals who purchase them for no other reason but curiosity and personal snooping.

There is no shortage of “People Search” websites on the Internet.

By their very nature as being so ubiquitous in our online experiences, it’s safe to say this makes the list among the most common privacy violations hiding in plain sight.

Public records databases (operating privately) contain a wealth of information about individuals, including criminal background, financial history, and personal details (home address, date of birth, relatives information, etc.). 

Unfortunately, these records can be (and often are) misused, leading to potential harm and violations of privacy for criminal defendants. Misuse of public records can involve unauthorized access or dissemination of sensitive information (“Doxxing”), taking over personal/professional accounts, willful reputational damage, identity theft, and other adverse acts.

The CFPB continues to develop comprehensive research on evolving business models that data brokers monetize and whether they fall under the statutory scope of the FCRA. But these are monumental projects involved several layers of detection and enforcement.

illegal surveillance

4. Illegal Surveillance and Monitoring

This violation can be seen in one of two ways. (a) Cyber breach victims credentials must often be verified with public records–which increases someone’s exposure to financial fraud, identity theft, and unauthorized surveillance by bad actors. (b) Additionally, women who have been through the system face increased exposure to stalking for the very same reasons.

Illegal surveillance and monitoring are serious privacy violations because it strikes fear into anyone’s sense of wellbeing and safety. Surveillance and monitoring activities can involve the unauthorized collection, recording, and analysis of an individual’s personal information, including their communications, movements, and activities. Monitoring can mean anything from pinpointing a person’s whereabouts, place of work, home address, or who they are romantically linked to.

This can have significant psychological and emotional impacts way beyond what anyone could have anticipated when pleading guilty to even the lowest of misdemeanors.

5. Unlawful Sharing of Information with Third Parties

Unlawful sharing of information with third parties is a privacy violation that criminal defendants will rarely know about.

Third parties can include individuals, organizations, or entities that are not directly involved in the criminal case but may gain access to sensitive information related to the defendant. More specifically, third parties can be anyone who wants to know more–and disseminates that information to anyone else.

When information is unlawfully shared with third parties, criminal defendants are again at risk of privacy breaches, reputational harm, and potential misuse of their personal data, and the all-inclusive revolving door of stigmatization.

unlawful data sharing

Preventing this kind of violation is a complicated endeavor and one that RecordFixer has devoted years of research to solving. A mixture of detection algorithms, active monitoring of criminal data supply chains, and a proactive approach towards distribution networks has been the key to real results.

The Impact of Privacy Violations on Criminal Defendants

Privacy violations have a significant impact on criminal defendants, both during and after legal proceedings have ended. These violations can manifest in various ways.

When personal information is exposed or mishandled, criminal defendants may experience heightened stress, anxiety, and emotional distress that they will be permanently defined by a singular moment of their lives. Such exposure impacts their social media presence, leading to negative self-images to their personal and professional relationships.

Consequences of Erroneous or Outdated Criminal Information

If it hasn’t been said enough already, erroneous information can have a lasting impact on a defendant’s life. This affects employment prospects, housing opportunities, and personal relationships. Outdated information can also lead to unfair assessments of a defendant’s character or risk factors when obtaining insurance, entering a business partnership, acquiring large lines of credit or commercial loans, even inclusion into social clubs.2

Furthermore, inaccurate information can increase the risk of identity theft, as personal details may be exposed to unauthorized individuals who intend to misuse what they discover. This can result in serious financial loss, furthering an already embattled reputation, and the ongoing challenges in rectifying the long-lasting effects of identity theft.

Legal Frameworks Protecting Defendants’ Privacy

Legal Framework for privacy violations

Legal frameworks do exist in the US which aim to protect the privacy of criminal defendants. These frameworks establish rights, rules, and regulations to safeguard defendants’ sensitive information and ensure their privacy rights are respected and to mitigate unequal treatment in the marketplace.

At the federal level, various laws and regulations, such as the Fair Credit Reporting Act (FCRA) provide protections for criminal defendants’ personal information. This federal framework establishes standards for the collection, use, and ultimately the permission to disclose consumer information related to criminal records and the imposition of penalties for violations.

State-Level Protections and Variances

In addition to federal laws and regulations, state-level protections also play a crucial role in protecting the privacy of criminal defendants. These state-specific statutes and regulations can provide additional safeguards and remedies for privacy violations specific to the jurisdiction.

State-level protections may vary, with some implementing stricter privacy laws than others. These variances can result in different levels of privacy protection for criminal defendants, depending on the jurisdiction in which they were involved in.

Because of this, It is essential for criminal defendants and their legal counsel to be familiar with the specific state-level protections in place and advocate for their rights accordingly. Furthermore, it is critical for practitioners to utilize compliance tools to further the goals of their clients challenged by collateral consequences.

Preventative Measures and Best Practices

For the time being, defendant/consumers must take matters into their own hands. Tools are available (such as ours), but a proper mindset is also helpful.

Some key preventative measures and best practices include self-governing data accuracy and management and strengthening legal compliance and audits that someone faces in significant life changes.

What this means in practice can be boiled down to two (2) specific actions tailored to combat the most common privacy violations mentioned above.

Tip 1: Enhancing Data Accuracy and Management (Secure your Official Documents)

criminal record defendant

Enhancing data accuracy and management means holding onto the primary source records that may be used against you in the future. The sensitive information (your charges, your terms of probation, discharges, orders to Seal, motions for dismissal); all play a central role in accuracy.

Defendants should regularly review their personal data associated with their cases and monitor any inaccuracies or outdated information, and take steps to correct and update their records wherever they see them. Conducting regular self-searches can help identify potential vulnerabilities and address them proactively.

Additionally, defendants should work closely with their legal counsel to challenge any false information and ensure the accuracy of their criminal records. Public Defender offices may already have partnership agreements with RecordFixer–so clients are encouraged to ask their local office if they can utilize one of our programs to bolster their privacy standpoint.

Tip 2: Strengthening Legal Compliance and Audits

the most common privacy violations

Our team has developed hard-fought trust with the most responsible reporting agency’s that continue to prioritize data integrity and compliance. And we are actively monitoring thousands of entities that operate in the records supply chain. But defendants must remain vigilant whenever a new job, rental lease, or online platform could uncover past arrest or charging history.

Thus, being actively aware of any reports generated to extend credit, contracts, insurance, employment, or even online dating sites, is highly advised.

Pay close attention to any procedures requiring the submission of formal documentation to correct any inaccuracies (See Tip #1 above). There are over 33 million small businesses in the US3 and not all of them can be depended on to use industry grade background checks on new hires.

Regular audits of privacy practices can help identify any vulnerabilities or gaps in privacy protections–especially when the audits are driven by the individual who has the most to lose from faulty data management.


We strongly encourage individuals who have been involved with the justice system to above-all-else seek legal counsel as to their unique circumstances. Having an experienced attorney or public defender’s office that handled the matter should be one’s first step. After that, defendants may want to ask if the law office or county public defender’s office already have an existing partnership agreement with RecordFixer to onboard the background check removal process faster.

Frequently Asked Questions

What Constitutes a Privacy Violation for a Criminal Defendant?

A privacy violation for a criminal defendant involves any unauthorized access, disclosure, misuse, or inaccuracy related to their sensitive criminal related information without proper authorization. This can include generating a background check without proper approval, disclosing outdated or erroneous records (expunged cases, non-charged arrests, sealed records, etc.), and the mishandling of criminal records or background checks.

How Can Defendants Protect Themselves Against Privacy Violations?

Use consumer-driven privacy tools like RecordFixer to take proactive control of the records associated with you. Defendants can protect themselves against privacy violations by conducting regular online searches, obtaining official records from local courts, strengthening information security habits, and staying vigilant about potential privacy exposure.

What Legal Recourse is Available for Victims of Privacy Violations?

Victims of privacy violations, including criminal defendants, may have legal recourse available to them. They can seek assistance from legal counsel, file complaints with relevant authorities such as the CFPB, and potentially pursue civil action to uphold their privacy rights and seek remedies for any harm caused.


  1. An important distinction must be made here. Despite the availability of online databases offering any and all publicly available information on someone, many operate under the radar and on the heels of semi-allowable disclosure rules. For example, virtually every single people search engine has countless disclaimers that the information contained “must not be used for employment or housing purposes.” Yet every major investigation into the industry establishes that these are the primary functions of the services being offered. Nevertheless, under most state and federal guidelines, generating such reports must be for permitted purposes only; and within those purposes, very strict guidelines of accuracy must be followed. ↩︎
  2. The author can verify that after practicing law for the past 17 years, he has seen numerous “background check” authorization forms to local country clubs. At best, clients are often perplexed or amused. At worst, clients are horrified that “one night” will follow them this far into their lives. Unfortunately, clients eventually learn these inconveniences are among the most common privacy violations for justice-involved individuals. ↩︎
  3. US Small Business Administration: Office of Advocacy FAQ 2023 ↩︎